You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Register a free account to unlock additional features at BleepingComputer.com

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

I'm new to the forums, and I've came here because I am infected with the lovely rond.starsdoor.com pop up. I know a few people have had it but I heard that every spyware depends on the system too so here I am posting for help along with my HiJackThis log. It is extremely annoying and I've used my virus scanner (Avast) to try and get rid of it, along with several spyware programs (spy sweeper, spyware doctor, ad-aware.) with no success. Any help is greatly appriciated. Also for some reason whenever I am using my browser the active page acts as if i click on something other than the current browser (isn't highlighted anymore) so that say like now when I'm typing this, my words stop typing because this page becomes unselected. Very annoying.

Apollogies for the delay. The forum has been very busy lately and. If you are still having problems, then please post a brand new HijackThis log as a reply to this topic. Before posting the log, please make sure you follow all the steps found in this topic: Preparation Guide For Use Before Posting A Hijackthis Log.

If we do not hear back from you within a couple of days we will need to close your topic.

Hello, I believe one of the spyware programs I used solved the problem but now I have others. I keep getting a reditty pop up window and in the address bar for websites ip's always come up after i enter a website and will sometimes go to odd sites like upspiral etc. Here's my log

Please note that comments are made in green, links are in red, important things are outlined by using the blue color and the numbered steps I would like you to follow are outlined with orange.

Please also take note of the following:

I will start working on your Malware issues, this may or may not, solve other issues you have with your machine.

The fixes are specific to your problem and should only be used for this issue on this machine

The process is not instant. Please continue to review my answers until I tell you your machine is clear. Absence of symptoms does not mean that everything is clear.

If you don't know, stop and ask! Don't keep going on.

Please reply to this thread. Do not start a new topic.

Your logs show that you have used ComboFix prior to getting help here. This is not suggested. ComboFix is a powerful tool and can do much harm to your pc if not used in a guided environment!

Step #1

It is important that you use a software firewall, to prevent unauthorised traffic both out of and into your computer.Your log doesn't show a firewall running. If you have disabled it, please re-enable it.If you do not have a firewall installed, please download and install one of these excellent (and free) products:

You can find a pdf file of the user manual of Sunbelt Kerio Personal Firewall by please visiting the following link: Sunbelt Kerio Personal Firewall documentation site. If you have some further problems, setting up Sunbelt Personal Firewall, you can visit their "Q&A" section here.

When done downloading, please print out and follow these instructions: "How to download and use ComboFix"If you downloaded ComboFix previously, delete that version and download it again as the tool is frequently updated!

Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".

Click onthis linkto see a list of programs that should be disabled. The list is not all inclusive.

When you have completed the ComboFix instructions, copy and paste the contents of C:\ComboFix.txt in your next reply.

When done, be sure to re-enable your anti-virus and other security programs.

Do NOT use Combofix unless you have been instructed to do so by a Malware Removal Expert. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, not for private use. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. Please read Combofix's Disclaimer.

Lots of Hacking/Trojans use the methods found (plugged by the updates) that have not been stopped by people not updating.

By updating your machine, you have one less headache!

Update ALL Critical updates and any other Windows updates for services/programs that you use.

If you wish, you can also use automatic updates. This is a good thing to have if you want to be up-to-date all the time, but can also be a bit of an annoyance due to its handling and the sizes of the updates. If you wish to turn on automatic updates then you will find here is a nice little article about turning on automatic updates.

Note that it will download them for you, but you still have to actually click install.

For a nice list of freeware programmes in all categories, please have a look at this thread with freeware products that are regarded as useful by the users of this forum: Commonly Used Freeware Replacements.

Another recommendation, is to download HostMan. It safeguards you with a regularly updated Hosts-file that blocks dangerous sites from opening. This adds another bit of safety while surfing the Internet. For installlation and setting up, follow these steps:

Double-click the Downloaded installer and install the tool to a location of your choice

Via the Startmenu, navigate to HostsMan and run the program.

Click "Hosts" in the menu

Click "Manage Updates" in the submenu

Out of the three, select atl eastone of them (I have MVPS Host as my main one)

Click "Add Update." After that you will only need to click on the following button to retrieve updates:

Click the X to exit the program.

Note: If you were using a custom Hosts file you will need to replace any of those entries yourself.

Finally, and definitely the MOST IMPORTANT step, click on the following tutorial and follow each step listed there:

Glad I was able to help and if there any other problems related to your computer please feel free to post them in the appropriate forum. Though we help people with spyware and viruses here at BC, we also help people with other computer problems! Do not forget to tell your friends about us!

Using two software firewalls on a single computer could cause issues with connectivity to the Internet or other unexpected behavior. Further, running multiple software firewalls can cause conflicts that are hard to identify and troubleshoot. Only one of the firewalls can receive the packets over the network and process them. Sometimes you may even have a conflict that causes neither firewall to protect your connection. However, you can use a hardware firewall (your router) and a software firewall in conjunction. For more information see "The Differences and Features of Hardware & Software Firewalls" and Bleepingcomputer's tutorial on Firewalls - "Understanding and using Firewalls".

Also, please see a quote of what I previously wrote (post #4):

If you do decide to install a third party firewall, make sure that the windows firewall is not running and if it is, deactivate it. A tutorial on how to do it, can be found here.

I would suggest to turn off the Windows Firewall. The XP one is pretty "useless" anyhow.